Oil Exporters Attacked by Malware Similar to That Used to Attack Iran
August 17, 2012 12:30 PM
comment(s) - last by
Attack vector differs slightly from the "Wiper" the malware used to attack the Iranian oil industry
Using a malware package
with tools with names like "Wiper", U.S. and Israeli intelligence teams are suspected of a concerted
campaign designed to cripple
Iran's oil industry
, a key supplier of Chinese demand and lifeblood of the Middle Eastern giant's economy.
But now the U.S. energy sector finds itself under attack by a somewhat similar piece of malware dubbed Shamoon or Disttrack by researchers
) and Intel Corp. (
The malware is named for its resident directory -- C:\Shamoon\ArabianGulf\wiper\release\wiper.pdb -- which, of course, is likely to change as new variants pop up. Shamoon means "Simon" in Arabic. There's also
Shamoon College of Engineering
in Israel -- another possible local name connection.
The malware contains a string in its compilation directory "wiper", making it clear that the authors intended it as at least a homage to the Iran-targeting Wiper. But Kaspersky Lab says that unlike Stuxnet -- where the U.S.'s anti-Iranian code was decompiled and used by malicious hackers -- the new malware is likely only an imitation, not repackaging.
The code uses different file and service names than the original Wiper. It also attacks with different attack pattern, though the net goal is the same -- to destroy hard drive data on infected energy sector computers.
Kaspersky Labs' analysis team
, "It is more likely that this is a copycat, the work of script kiddies inspired by the story."
But if script kiddies wrote the malware, they must be some pretty good ones. The malware has advanced networked propagation code, and overwrites the hard drive with a JPEG image found on the internet, preventing data recovery. While not exactly rocket science, those little touches are the kinds of sophistication oft overlooked by novice hackers.
Shamoon may have struck Saudi Arabia's oil industry, though infections are limited.
[Image Source: CNBC]
The state-owned Saudi Arabian Oil Comp., the world's largest oil producer and privately held company,
announced this week
that it was struck by a malware attack. It was unclear, however, whether Shamoon or a similar variant was responsible for the attack on one of America's largest foreign oil suppliers.
What is clear, based on expert reports is that the extent of infections is small, with Symantec reporting
less than 50 systems
This article is over a month old, voting and posting comments is disabled
RE: The United States...
8/19/2012 6:29:41 AM
My car runs on happy thoughts, unicorns, and rainbows. Also, forgot to mention sunshine.
RE: The United States...
8/20/2012 5:37:40 PM
How many miles per unicorn are you getting? Rainbows are hard enough to capture, but the unicorns are a bitch to find let alone catch, so I had to go back to powering my car with dreams and visions.
"Vista runs on Atom ... It's just no one uses it". -- Intel CEO Paul Otellini
Microsoft Tightens Security, Deals IT Folks Headaches in Flame Fight
July 12, 2012, 12:00 PM
Microsoft Aims to Harden Windows Update to Fight "Flame"
June 6, 2012, 2:24 PM
Iranian Oil Industry Hit with Cyber Attack
April 24, 2012, 10:31 AM
Report: AT&T Eyeing $40B DirecTV Purchase
May 1, 2014, 8:00 AM
WebOS Class Action Settlement Costs HP $57 Million
April 1, 2014, 10:22 AM
IBM Workers Strike Over Terms of Deal That Will Have Them Working for Lenovo
March 6, 2014, 9:29 AM
Google Picking Up Artificial Intelligence Company "DeepMind" for $400 Million
January 27, 2014, 9:25 AM
Quick Note: Qualcomm Grabs up Palm, IPAQ, and Bitfone Patent Portfolio from HP
January 24, 2014, 9:18 AM
Verizon Buys Intel Media OnCue Cloud TV assets
January 21, 2014, 10:26 AM
Most Popular Articles
Numerous Leaks Detail 4.7" iPhone 6 Processor, RAM, Cellular and NFC Capabilities
August 29, 2014, 10:37 PM
Windows 9: "Upgrade Now" Button Coming for Enterprise Updates, ARM Preview in H1 2015
August 26, 2014, 8:00 PM
L.A. Unified School District’s Apple iPad Contract Canceled Following Heavy Criticism
August 26, 2014, 12:37 PM
Apple Builds Not-So-Secret Secret 3-Story Tower for iPhone 6/iWatch Unveil
August 28, 2014, 3:41 PM
Netflix Accuses Comcast of Ripping Off Customers, Files to Block Merger
August 26, 2014, 5:49 PM
Latest Blog Posts
Space Terrorism is a Looming Threat For the United States
Apr 23, 2014, 7:47 PM
Facebook Aims to Provide Internet to "Every Person in the World" with Drones, Satellites
Apr 1, 2014, 10:20 AM
Retail Mobile Sites Experience Outages in Light of Simplexity's Bankruptcy
Mar 14, 2014, 8:48 AM
Tesla vs. BMW: Who Has the Safer EV?
Feb 1, 2014, 2:56 PM
Justice Leaks Details of Next HTC One Two Flagship Phone
Dec 5, 2013, 4:04 PM
More Blog Posts
Copyright 2014 DailyTech LLC. -
Terms, Conditions & Privacy Information